We performed a comparison between ArcSight Enterprise Security Manager (ESM) and Cybereason Endpoint Detection & Response based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM)."We do consulting and I get feedback from our clients that the product really helped them with compliance, especially with GDPR."
"Very good real-time reporting with a good dashboard."
"It is a very useful tool for intelligence building because it has many use cases and many rule sets."
"We utilize ArcSight ESM for real-time threat detection in our organization. We have custom rules that we've developed on top of the WAN services, along with scheduled licensing activities."
"It is a robust product and has multiple valuable features."
"ArcSight ESM allows us to find if someone is doing an administrative operation at inappropriate times of day or trying to do something they're not allowed to."
"The feature that I have found the most useful is that it can be deployed to the cloud."
"There are many features that are good for clients who are looking for a good SIEM solution. They like the ease of creating a business that is effective and impressive."
"Immediately we can pick up the computers in the network if any malicious operation that is triggered."
"The initial setup was easy and straightforward."
"The dashboard is very good and you can consider it as an interactive UI."
"The initial setup process is straightforward."
"Their EDR solution, the ability to mitigate issues through their command line, is probably the best feature that we've had. We use that all the time. It's very useful for doing investigations."
"It gives all the information in a clear response."
"The most valuable feature is the capability of the command used by the machine so that we see the kind of performance that is running."
"Cybereason absolutely enables us to mitigate and isolate on the fly. Our managed detection response telemetry has dropped dramatically since we began using it. It's very top-of-mind. We were running some tabletop exercises and none of the detections were getting triggered by the managed security services provider. So we needed to find a solution that would trigger high-fidelity alerts. That was Cybereason and it dramatically changed our landscape from the detection and response perspective."
"The customer experience could be improved."
"What could be improved in ArcSight Enterprise Security Manager (ESM) is its analytics feature. That feature should be more powerful and have more correlation in terms of AI/ML, though MicroFocus has done a good job in adding analytics to ArcSight Enterprise Security Manager (ESM) which has become a big draw to customers. What I'd like to see in the next release of the solution is the addition of AI/ML features."
"Could benefit from a more modern interface."
"The solution could be more stable."
"The weakness in this system comes about because, with so many different logs, it is possible that the security analyst will lose information."
"The security area has room for improvement."
"The UI interface is somewhat complex and needs to be simplified."
"Customer service and support is our biggest challenge."
"It initially took some time to deploy."
"The network coverage becomes an issue most of the time."
"There can be problems with the EDI."
"I feel that the product lacks reporting features and needs improvement."
"What needs to improve in Cybereason Endpoint Detection & Response and what I'd like to see in its next release is a centralized dashboard that allows you to view what is there, similar to what's on Symantec Endpoint Protection Manager: a beautiful display and reporting. Cybereason Endpoint Detection & Response has to start with the compliance, the homepage, etc. Everything should be there and should be customizable. The options should be there. The tool is very good currently, but visibility for IT administrators is lacking and needs to be worked on."
"The product's reporting isn't great."
"Cybereason does not have sandbox functionality."
"Reporting could be a bit more granular so that we had the ability to check regions and countries. I just noticed that, for instance, if I look at our servers, it's either "contained" or it's "not contained". I don't have the option, for instance, to look at countries. It only allows me to look at users as one big group."
More ArcSight Enterprise Security Manager (ESM) Pricing and Cost Advice →
More Cybereason Endpoint Detection & Response Pricing and Cost Advice →
ArcSight Enterprise Security Manager (ESM) is ranked 12th in Security Information and Event Management (SIEM) with 93 reviews while Cybereason Endpoint Detection & Response is ranked 36th in Endpoint Detection and Response (EDR) with 19 reviews. ArcSight Enterprise Security Manager (ESM) is rated 7.8, while Cybereason Endpoint Detection & Response is rated 8.0. The top reviewer of ArcSight Enterprise Security Manager (ESM) writes "Allows for monitoring logs according to industry standards within ESM but has a total capacity capped at 12 TB, limiting real-time data retention periods". On the other hand, the top reviewer of Cybereason Endpoint Detection & Response writes "It has helped us become more knowledgeable about our environment and aware of threats". ArcSight Enterprise Security Manager (ESM) is most compared with Splunk Enterprise Security, ArcSight Intelligence, Trellix ESM, IBM Security QRadar and Rapid7 InsightIDR, whereas Cybereason Endpoint Detection & Response is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, Darktrace and SentinelOne Singularity Complete.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.